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DETAILED ACTION 
Response to Amendment 
1 . The 1 3 1 Affidavit filed on 1 2/06/2007 under 37 CFR 1 . 1 3 1 has been considered but is 
ineffective to overcome the HBCI HOMEBANKING COMPUTER INTERFACE - Interface 
Specification Version 2.1 reference. 

1) The HBCI HOMEBANKING COMPUTER INTERFACE - Interface Specification 
Version 2.1 reference is a statutory bar under 35 U.S.C. 102(b) and thus cannot be overcome by 
an affidavit or declaration under 37 CFR 1.131. 

The reference, HBCI HOMEBANKING COMPUTER INTERFACE - Interface Specification 
Version 2.1 was published on March 2, 1999. It was published more than one year prior to the 
date of the application for patent in the United States, which was March 1 5, 2000 in applicants' 
case. 

2) The evidence submitted is non-English, which cannot be reviewed or treated as evidence. 



Response to Arguments 

2.- Applicant's arguments filed 12/06/2007 have been fully considered but they are not 
persuasive. 

Regarding rejections on claims 1 and 37, applicants argued that the Interview Reference 
does not express a "design preference" because it does not mention replacing the Telepay system 
of Hultgren with an HBCI gateway and the HBCI gives the customer more banking services than 
just making payment. 
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However, the Examiner does not agree, Hultgren teaches a financial servicing system 
that enables a customer to utilize banking service over the data network via a GSM mobile 
telephone with a chip card (Fig. 1 B). The published HBCI specification provides a European 
online banking standard for banking service over a data network via remote equipment with a 
chip card. So, one of ordinary skill in the art would recognize that Hultgren discloses the same 
backbone that fits HBCI standard in providing electronic banking service to customer via mobile 
telephone. The Interview Reference shows that Europe has different banking standards 
including HBCI, which are capable of being implemented with a GSM mobile network so that 
customers can utilize electronic banking services over the data network with a mobile telephone. 
In other words, different banks use different electronic banking standards with GSM banking. 
Therefore, it would have been obvious to one of ordinary skill in the art to replace Telepay of 
Hultrgen with HBCI in view of the Interview Reference for electronic banking compatibility as 
design preference. In term of banking services, the claims do not limit what kind of HBCI 
banking services a customer has to utilize. Furthermore, having additional electronic banking 
services would have been another obvious reason for one of ordinary skill in the art to replace 
Telepay of Hultgren with HBCI in view of having HBCI for GSM banking taught by the 
Interview Reference. 

Then, applicants argued that the Interview Reference says nothing about using an HBCI 
gateway such as that of the claimed invention though the Interview Reference suggests 
implement HBCI through an Internet connection over a GSM cellular network. 

A gateway, in computer network technology, is a node that services as an entrance to 
another network, and vice-versa. Gateways are known to be used to transfer data between 
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private networks and the Internet. So, though the Interview Reference does not explain how to 
implement HBCI over Internet, one of ordinary skill in the art would know that a HBCI gateway 
is required since a bank's HBCI network is a private network. Hultgren also shows that a 
Telepay gateway (TSN) is applied because it is required to enable communication between the 
bank and the data network (N) that uses different communications protocols (e.g. X.25, X.21, 
leased line, or Internet TCP/IP). 

Again, applicants argued that there is no suggestion of the claimed subject matter which 
requires an HBCI gateway and splitting of the customer end HBCI system into two components, 
the SIM card of the mobile station and an HBCI gateway. 

As explained before and as shown in Hultgren, a gateway is necessary to enable 
communication between the bank and the Internet that uses different communications protocols; 
and the SIM card is required for identification on customer end. One of ordinary skill in the art 
would know that implementing HBCI with GSM banking taught by the Interview Reference 
would require the same in having an HBCI gateway and a SIM card for protocol compatibility 
and security. 

Thus, the rejections are proper and maintained. 

Claim Rejections - 35 USC §102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis 
for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 
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(e) the invention was described in (1 ) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

3. Claim 38 is rejected under 35 U.S.C. 102(e) as being anticipated by Dennis (US 
Patent#7167711). 

Regarding claim 38, Dennis anticipates a method for using bank services via mobile 
radiotelephone in which data is transmitted between a bank server and a mobile station, 
comprising the steps of: 

inserting a communications gateway (18 of Fig. 1) into the transmission path between the 
bank server (31 of Fig. 3) and the mobile station (13 of Fig, 1), which carries out a 
transformation between the transmission method used at the bank end and a wireless 
transmission method used at the radiotelephone end (column 3 line 33 to column 4 line 23, 
column 5 lines 51-55; between wireless and wired, between different networks, between 
different protocols, or between voice and data); 

transmitting data between the communications gateway and the mobile station according 
to the wireless transmission method used at the radio telephone end (16, 19, & 102 of Fig. 1); 
and 

transmitting data between the communications gateway and the bank server using the 
transmission method used at the bank end (301 of Fig. 3). 
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Claim Rejections - 35 USC § 1 03 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 
rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

4. Claims 1, 20-28, 30-31, 34 and 36-37 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Hultgren (US Patent#6868391) in view of "HBCI HOMEBANKING 
COMPUTER INTERFACE - Interface Specification - Version 2.1" (hereafter, HBCI) and "At 
the Coal-face Between Financial Industries and Politics" (hereafter, Interview w/ CG). 
Regarding claim 1, Hultgren teaches a method for using standardized bank services via mobile 
radiotelephone within a GSM mobile system with Telepay banking standard, comprising the 
steps of transmitting between a bank server and a mobile station builds on a transmission 
method: 

inserting an Telepay gateway (30 of Fig. 1A) into the Telepay transmission path between 
the bank server (80 of Fig. 1A) and the mobile station (60 of Fig. 1 A), which carries out a 
transformation between Telepay transmission method used at the bank end and a transmission 
method used at the radiotelephone end (column 3 line 39 to column 4 line 47); and 

splitting of the customer-end system into two components, a SIM card of the mobile 
station and the Telepay gateway (Fig. 1A, column 12 line 59 to column 13 line 21). 
Hultgren differs from the present invention is that Hultgren used the Telepay gateway between 
the bank and the GSM mobile network instead of a HBCI gateway. 
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HBCI is a well known standardized bank-independent protocol for online banking, developed 
and in use by German banks, which provides support for multibanking, platform-independent, 
and DES- and RSA-encryption and -signatures with chip card (HBCI, Chapters I & VIII. 8, 
especially VI1I.8.4) 

Further, Interview w/ CG teaches that with GSM network anyone could design using one of 
OFX, Integrion Gold, and HBCI as design preference for adapting European Internet banking 
standard in international network banking implementation (pages 1-1 1, especially 21 M -22 nd of 
Q&G). Thus, one of ordinary skill in the art can implement HBCI gateway between the GSM 
network and the banks (as shown in Interview w/ CG). The implemented network can be used in 
GSM mobile network with the European banks. The implemented network will also function 
necessary step such as splitting the customer-end system into GSM and HBCI. In US, Telepay 
banking standard can be implemented with a GSM mobile network, which is shown in the 
Hultgren reference. 

Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention 
was made to make use of HBCI gateway instead of Telepay gateway of Hultgren as design 
preference as evidenced by Interview w/ CG, in order to perform Internet banking with European 
banks over GSM network. 



Regarding claim 37, Hultgren teaches a method for using standardized bank services via mobile 
radiotelephone, comprising the steps of 

transmitting data between a bank server (80 of Fig. 1A) and a mobile station (60 of Fig. 
1 A) builds on a Telepay transmission method (Fig. 1 A); 
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inserting an Telepay gateway (30 of Fig. 1 A) into the transmission path between the bank 
server and the mobile station, which carries out a transformation between the Telepay 
transmission method used at the bank end and a transmission method used at the radiotelephone 
end (column 3 line 39 to column 4 line 47); 

splitting the customer-end Telepay system into two components, a SIM card of the 
mobile station and the Telepay gateway (Fig. 1 A, column 12 line 59 to column 13 line 21); 

forming two transmission routes, the first between a SIM card and the Telepay gateway 
and the second between the Telepay gateway and a bank server (Fig. 1 A, column 12 line 59 to 
column 13 line 21); and 

unpacking an Telepay protocol by the Telepay gateway and converting its protocol 
sequence such that compatibility with a GSM SIM card and a GSM network is obtained so that 
an exchange of the converted protocol with the GSM SIM card is possible (inherent). 
Hultgren differs from the present invention is that Hultgren used the Telepay gateway between 
the bank and GSM mobile network instead of a HBCI gateway. 

HBCI is a well known standardized bank-independent protocol for online banking, developed 
and in use by German banks, which provides support for multibanking, platform-independent, 
and DES- and RSA-encryption and -signatures with chip card (HBCI, Chapters 1 & VIII. 8, 
especially VIII.8.4) 

Further, Interview w/ CG teaches that with GSM network anyone could design using one of 
OFX, Integrion Gold, and HBCI as design preference for adapting European Internet banking 
standard in international network banking implementation (pages 1-11, especially 21 st -22 nd of 
Q&G). Thus, one of ordinary skill in the art can implement HBCI gateway between the GSM 
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network and the banks (as shown in Interview w/ CG). The implemented network can be used in 
GSM mobile network with the European banks. The implemented network will also function 
necessary step such as splitting the customer-end system into GSM and HBCI. In US, Telepay 
banking standard can be implemented with a GSM mobile network, which is shown in the 
Hultgren reference. 

Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention 
was made to make use of HBCI gateway instead of Telepay gateway of Hultgren as design 
preference as evidenced by Interview w/ CG, in order to perform Internet banking with European 
banks over GSM network. 

Regarding claim 20, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 1 . 
Hultgren teaches wherein two transmission routes are formed, first between a SIM card and the 
HBCI gateway and second between the HBCI gateway and a bank server (Fig. 1 A of Hultgren). 

Regarding claim 21, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 1 . 
Hultgren, HBCI, and Interview w/ CG teach the method of utilizing HBCI banking over GSM 
network, which would have been obvious to one of ordinary skill in the art at the time the 
invention was made to recognize that an HBCI protocol is unpacked by the HBCI gateway and 
its protocol sequence is converted such that compatibility with a GSM SIM card and a GSM 
network is obtained in order for an exchange of the converted protocol with the GSM SIM card 
is to be possible. 
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Regarding claim 22, Hultgren, HBCI 5 and Interview w/ CG teach the limitation of claim 1 . 
Hultgren teaches a carrier service for the information exchange to be short message service 
(column 13 lines 22-32). 

Regarding claim 23, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 20. 
Hultgren teaches on both routes a cryptographic security is realized (column 6 lines 38-43, 
column 12 lines 59-65), 

Regarding claim 24, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 1 . 
Hultgren, HBCI, and Interview w/ CG teach wherein between the bank server and the HBCI 
gateway a security protocol defined by is applied HBCI (III. 1.3 of HBCI) and between the HBCI 
gateway and a SIM card a second security protocol is employed (column 12 line 59 to column 13 
line 63 of Hultgren). 

Regarding claim 25, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 24. 
Hultgren, HBCL and Interview w/ CG teach wherein the second security protocol corresponds to 
a protocol reduced in terms of data quality where the transmission only deals with a single 
customer, but equivalent to HBCI in terms of security technology (III. 1 .3) ; where encryption 
algorithm to be used is by customer's preference and supported by the bank to fit for security 
procedure and compression procedure of HBCI. 



Regarding claim 26, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 25. 
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Hultgren, HBCI, and Interview w/ CG teach a cryptographic key (Ksms) (signature key of 
HBCI) specific to each subscriber is securely generated and stored in a SIM card (Chip card of 
Fig. 1 of HBCI; 62 of Fig. 1A of Hultgren) for use in the second security protocol after regular 
SIM card personalization (I, VI.3.1.1 Key types of HBCI). 

Regarding claim 27, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 1 . 
Hultgren, HBCI, and Interview w/ CG teach wherein the generation of the key (Ksms) specific to 
the subscriber is generated in the SIM card by entering an initialization PIN on the mobile 
telephone (VI. 3 of HBCI), where using two or more keys to generate a specific key is also well 
known in the art of cryptography. 

Regarding claim 28, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 1 . 
HBCI teaches wherein a subscriber is informed per PIN letter by the bank of a PIN for 
generating the key (Ksms) (VI. 3. 1.3. 2 Initial key distribution, in writing from the bank). 

Regarding claim 30, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 1 . 
HBCI teaches wherein before subscription to a service a subscriber receives the data of his bank 
including an initialization PIN (User ID of III. 1.1, VI. 3. 1.3. 2 Initial key distribution). 

Regarding claim 31, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 30. 
HBCI teaches a cryptographic method of generating the key through triple DES using country 
code (local PIN), bank code (routing number), user ID (account number), key type, key number, 



Application/Control Number: Page 12 

09/936,834 

Art Unit: 2618 

and version number (VI. 3. 1.1, 11.5.3.2), which means during the initialization of an application, 
i.e. during subscription, with the aid of the KIV from initialization PIN. the key Ksms is 
generated through triple DES using the local PIN, the bank routing number and an account 
number. 

Regarding claim 34, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 1. 
Hultgren, HBCI, and Interview w/ CG teach wherein the authentication of the two involved sites, 
mobile radiotelephone subscriber and HBCI gateway, takes place by knowledge of the 
initialization PIN exchanged in writing (VI. 3. 1.3. 2 of HBCI). 

Regarding claim 36, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 1 . 
Hultgren teaches wherein an additional authentication of a subscriber takes place via an 
identification of his/her mobile connection to carry out an evaluation of a calling line 
identification (CLI) (column 13 lines 33-49). 



5. Claims 29 and 33 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hultgren (US Patent#6868391) in view of "HBCI HOMEBANKING COMPUTER 
INTERFACE - Interface Specification - Version 2. 1 " (hereafter, HBCI), "At the Coal-face 
Between Financial Industries and Politics" (hereafter, Interview w/ CG), and Atalla (US 
Patent#4288659). 

Regarding claim 29, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 1 . 
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But, Hultgren, HBCI, and Interview w/ CG do not expressly disclose during a card 
personalization by the mobile telephone network operator together with the bank application, an 
initialization key KIV, derived from a master key and a SIM card-individual number, for 
generating a Ksms specific to the subscriber is applied onto a plurality of SIM cards. 
Atalla teaches generating an initialization key based on a secret code (master key) known by 
both authorized individual and the bank and an identification of the terminal for generating the 
session key specific to the terminal user (column 1 line 45 to column 2 line 27), where applying 
the key generating method is obvious to one of ordinary skill in the art to apply on other cards as 
well. 

Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention 
was made to incorporate generating initialization key from a master key and a hardware 
individual number taught by Atalla into the method of Hultgren, HBCI, and Interview w/ CG, in 
order to provide both user and hardware authentication in initialization. 

Regarding claim 33, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 1 . 
But, Hultgren, HBCI, and Interview w/ CG do not expressly disclose the generation of an 
initialization PIN takes place at the HBCI gateway and this is transferred to the bank server. 
However, it is known that the gateway is a mid-node for authentication and conversion for user 
data before communicating with the bank. So, the gateway would be the one who masters 
security with the user and the bank, which would have been obvious to one of ordinary skill in 
the art to recognize that having the gateway to generate initialization PIN is secure and 
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convenient. Then initialized PIN can be transferred to the bank so that the bank can inform user 
the initialization key since the bank is the one who authorize the service. 
Atalla teaches the generation of the initialization PIN takes place at the terminal (mid-node 
between user and bank) and data terminal must be initialized in the first operating cycle (column 
1 line 45 to column 2 line 27, column 2 lines 64-67). 

Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention 
was made to incorporate generating initialization key in mid-node taught by Atalla into the 
method of Hultgren, HBCI, and Interview w/ CG, in order to provide secured user initialization 
and authentication in the HBCI gateway. 



6. Claim 32 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hultgren (US 
Patent#6868391) in view of "HBCI HOMEBANKJNG COMPUTER INTERFACE - Interface 
Specification - Version 2.1" (hereafter, HBCI), "At the Coal-face Between Financial Industries 
and Politics" (hereafter, Interview w/ CG), and Fujioka (JP 10-242957). 

Regarding claim 32, Hultgren, HBCI, Interview w/ CG, and HBCI Specification v2.1 teach the 
limitation of claim 27. 

But, Hultgren, HBCI, Interview w/ CG, and HBCI Specification v2.1 do not expressly disclose 
wherein in the generation of the Ksms in the HBCI gateway an initialization PIN is transferred to 
a gateway operator. 

Fujioka teaches transferring an initial key to server for generating another key (abstract). 
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Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention 
was made to incorporate transferring initialization PIN to server for generating a key taught by 
Fujioka into the modified method of Hultgren, HBCI, Interview w/ CG, and HBCI Specification 
v2.1, in order to authenticate key generation for corresponding client. 



7. Claim 35 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hultgren (US 
Patent#6868391) in view of "HBCI HOMEBANKING COMPUTER INTERFACE - Interface 
Specification - Version 2.1" (hereafter, HBCI). "At the Coal-face Between Financial Industries 
and Politics" (hereafter, Interview w/ CG), and Elgamal et al. (US Patent#5657390). 
Regarding claim 35, Hultgren, HBCI, and Interview w/ CG teach the limitation of claim 1 . 
But, Hultgren, HBCI, and Interview w/ CG do not expressly disclose between mobile 
radiotelephone network operator and HBCI gateway operator a master key is exchanged. 
Elgamal et al. teach between mobile radiotelephone network operator and HBCI gateway 
operator a master key is exchanged (column 7 lines 41-56). 

Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention 
was made to incorporate exchanging master key taught by Elgamal et al. into the method of 
Hultgren, HBCI, and Interview w/ CG, in order for both client and server to produce session 
keys for encrypt/decrypt data during communication. 
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Conclusion 

8. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Zhiyu Lu whose telephone number is (571 ) 272-2837. The 
examiner can normally be reached on Weekdays: 9AM-5PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nay Maung can be reached on (571) 272-7882. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 





Zhiyu Lu 
February 19, 2008 
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